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DETAILED ACTION 

RESPONSE TO ARGUMENTS 

1 . Applicant's arguments filed 1 1/24/2010 have been fully considered but they are 
not persuasive. Currently, claims 2-3 and 22-30 are cancelled; claims 32-40 are 
withdrawn; and claims 1 , 4-21 and 31 are pending for examination. 

2. In response to applicant's arguments with regard to the independent claims 1 , 
20-21 and 31 rejected under 35 U.S.C. 1 03(a) that the combination of the references 
does not teach/suggest the claimed invention because the combination of Colburn with 
Scheifler impermissibly changes the principle operation of Scheifler . as Scheifler stores 
security details (e.g., permissions) in a centralized policy file not in target objects, as 
permissions authorizing access are based on source and executor of a piece of 
particular code; furthermore, Colburn relies on an owner-identifier being incorporated 
into objects, wherein this identifier is based on the creator of an object or the system 
used to create the object, and Colburn defines a set of access authorizations that 
creators must implement into their objects (i.e. not based on a centralized authority 
controlling security details; instead, is based on the existence of an owner identifier and 
a standardized system of access authorizations); additionally, Scheifler 's system and 
Colburn 's system describe two different specific implementations of controlling access 
that is not compatible; applicant's arguments have fully been considered, but are not 
found to be persuasive. 
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The examiner respectfully disagrees, because of the following: 

- the examiner is not fully clear where in Scheifler teach that the security detail is 
"centralized", as no where in Scheifler 's disclosure utilizes the term "centralized"; 
therefore, the examiner is unable to properly respond to applicant's arguments 
associated with Scheifler 's security detail being "centralized; 

- the examiner is not fully clear where Colburn discloses "defines a set of access 
authorizations that creators must implement into their objects" (i.e. creators must 
implement a set of access authorizations into their objects); therefore, the examiner is 
unable to properly respond to applicant's arguments associated with Colburn disclosing 
creators must implement a set of access authorizations into their objects; and 

- the Scheifler 's system and Colburn 's system are compatible because both 
utilizes object oriented programming (e.g. Java programming) associated with security 
measures; and furthermore, the two references are compatible as Scheifler 's 
permissions authorizing access are based on source and executor of a piece of 
particular code (i.e. as presented in applicant's arguments) and Colburn 's system for 
permissions authorizing access are also based on source (e.g. owner-identifier 
associated with source) and executor (e.g. target/executor 160 of Figure 8) of a piece of 
particular code; therefore, by modifying Scheifler 's system with Colburn 's security 
architecture, the resulting combination of the references does teach the claimed 
invention; lastly, the principle of operation for Scheifler 's system did not change, as 
Scheifler 's system still implements security measures associated with object oriented 
programming (e.g. Java programming). 
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3. In response to applicant's arguments with regard to the independent claims 1 , 
20-21 and 31 rejected under 35 U.S.C. 103(a) that the combination of the references 
does not teach/suggest the claimed feature associated with "the target object 
determines whether an external object access to a particular interface based on a call to 
the first interface" because Scheifler discloses implied permissions to other interfaces 
and not the current invention corresponding to each interface may be granted varying 
degrees of access to the target object or each of these interfaces grants a specific set of 
permissions to any object obtaining a references to it; additionally, adding Colburn to 
Scheifler does not solve the deficiencies, as Colburn 's security permissions are not 
granted based on a call to a first interface and Colburn 's security policy of a target 
object is certainly not contained solely within the target object (i.e. Colburn 's security 
policy is granted base on a combination of owner identifier and access authorizations; 
and the access authorizations are not interface based but arbitrary designation that 
enable different level of access to the objects and the utilization of owner identifier 
necessarily involves a process outside of a particular object); applicant's arguments 
have fully been considered, but are not found to be persuasive. 

The examiner respectfully disagrees, and please note that the features upon 
which applicant relies (i.e., each interface may be granted varying degrees of access to 
the target object or each of these interfaces grants a specific set of permissions to any 
object obtaining a references to it) are not recited in the rejected claim(s). Although the 
claims are interpreted in light of the specification, limitations from the specification are 
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not read into the claims. See In re Van Geuns, 988 F.2d 1 181, 26 USPQ2d 1057 (Fed. 
Cir. 1993). 

Please note that one cannot show nonobviousness by attacking references 
individually where the rejections are based on combinations of references. See In re 
Keller, 642 F.2d 413, 208 USPQ 871 (CCPA 1981); In re Merck & Co., 800 F.2d 1091, 
231 USPQ 375 (Fed. Cir. 1986). Wherein, Scheifler discloses that security permissions 
are granted (e.g. granting permission to any specific file within a directory) based on a 
call to a first interface (e.g. call to access said directory, wherein permission to said 
directory is granted) and Colburn 's security policy (Fig. 8, ref. 184, 194) of a target 
object (Fig. 8 ,ref. 160) is contained solely within the target object (Fig. 8, ref. 160, 184, 
194), wherein the examiner equivocate the claimed "security policy" to Colburn 's target 
access constraints (Fig. 8, ref. 184) and access authorizations (Fig. 8, ref. 194) which 
are contained solely within the target object (Fig. 8, ref. 160). 

I. REJECTIONS BASED ON PRIOR ART 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 
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4. Claims 1 , 4-21 and 31 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Scheifler et al. (US Patent 6,1 38,238) in view of Colburn et al. (US 
Patent 6,173,404). 

5. As per claims 1 , 20-21 and 31 , Scheifler teaches a method, a system and a 
computer readable storage medium storing instructions for controlling a computer 
device for controlling access to an object in an operating system, the method, system 
and computer readable storage medium comprising: 

a module configured means for receiving a call from an external thread (Fig. 6, 
ref. 6200) to a first interface (e.g. write to any file in a directory, such as "c:/") of a target 
object (Fig. 6, ref. 4500-1 ) (Fig. 1 ; Fig. 4-5; col. 4, 1. 51 to col. 5, 1. 3 and col. 9, 1. 1 1 to 
col. 14, I. 38); 

a module configured with means for determining whether the external thread has 
access to other interfaces (e.g. write to any specific file in the directory, such as 
"c:/thisfile") of the target object based on the call received at the first interface (Fig. 4-5 
and col. 1 1 , I. 20 to col. 1 3, 1. 45), wherein the determination is in association with 
implied permission; 

wherein the means for determining is solely determined by (based on) the first 
interface (Fig. 4-5 and col. 1 1 , I. 20 to col. 13, 1. 45), as the determination for access to 
any specific file in a directory (e.g. c:/thisfile) is implied (e.g. solely determined) by the 
determined accessing to said directory (e.g. c:/); and 
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a module configured with means for to grant access to the other interfaces 
according to the determination (Fig. 4-5 and col. 11,1. 20 to col. 1 3, 1. 45). 

Scheifler does not expressly teach the method, system and computer readable 
medium comprising: wherein the call from an object; the target object determining 
access to the other interfaces; and wherein the determination step comprising means 
for examining a security policy contained entirely within the target object. 

Colburn teaches the method, system and computer readable medium 
comprising: a call received from an object (Fig. 5, ref. 100); a target object (Fig. 8, ref. 
160, 184, 194) determining (at the target object) access to the other interfaces; and 
wherein the determination step comprising means for examining a security policy (Fig. 
8, ref. 184, 194) contained entirely within the target object (Fig. 8, ref. 160) (Fig. 7A-7B; 
Fig. 8; col. 1 , 1. 12 to col. 3, 1. 45; col. 7, II. 26-52 and col. 1 1 , I. 25 to col. 12, I. 58), by 
combination Colburn 's target security scheme with Scheifler 's permission 
implementation, the resulting combination further teaches the target object 
implementing access authorization in association with implied permission to other 
interfaces, as the target object determines the access authorization of the received call 
to the other interfaces by examining the target object's own security policies. 

It would have been obvious for one of ordinary skill in this art, at the time of 
invention was made to include Colburn 's inter-object security scheme into Scheifler 's 
object for the benefit of implementing a more robust security scheme between objects 
( Colburn , col. 3, II. 34-37) to obtain the invention as specified in claims 1 , 20-21 and 31 . 
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6. As per claim 4, Scheifler and Colburn teach all the limitation of claim 1 as 
discussed above, wherein Scheifler further teaches the method further comprising 
determining whether the external object and the target object operate in a same process 
(e.g. same class of valid digital signature or not) ( Scheifler , col. 9, 1. 52 to col. 11,1. 19). 

7. As per claim 5, Scheifler and Colburn teach all the limitation of claim 1 as 
discussed above, wherein Scheifler further teaches the method comprising wherein 
determining whether the external object has access to the other interfaces of the target 
object further comprises: identifying the other interfaces of the target object that can be 
accessed when the first interface is being requested by the external object ( Scheifler , 
col. 1 1 , 1. 20 to col. 1 3, 1. 45), as the other interfaces must be identified in order to 
proper grant the permission via the implied permission. 

8. As per claim 6, Scheifler and Colburn teach all the limitation of claim 1 as 
discussed above, wherein both further teach the method further comprising determining 
a first process of the target object ( Scheifler , col. 9, 1. 52 to col. 11,1.19 and Colburn , 
Fig. 8; Fig. 10; col. 1 , I. 1 2 to col. 3, 1. 45), such as determining whether the target 
object's first process corresponds to either valid digital signature with known keys or 
digital signature that cannot be verified thus a default key is utilized. 



9. As per claim 7, Scheifler and Colburn teach all the limitation of claim 6 as 
discussed above, wherein both further teach the method further comprising determining 
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a second process of the external object ( Scheifler , col. 9, I. 52 to col. 1 1 , I. 19 and 
Colburn , Fig. 8; Fig. 1 0; col. 1 , 1 . 1 2 to col. 3, 1. 45), such as determining whether the 
external object's second process corresponds to either valid digital signature with known 
keys or digital signature that cannot be verified thus a default key is utilized. 

1 0. As per claim 8, Scheifler and Colburn teach all the limitation of claim 7 as 
discussed above, wherein both further teach the method further comprising performing 
a cross-process communication between the target object and the external object 
( Scheifler , col. 9, I. 52 to col. 1 1 , I. 1 9 and Colburn , Fig. 8; Fig. 10; col. 1 , I. 1 2 to col. 3, 
I. 45; col. 13, I. 44 to col. 14, I. 34), such as allowing restrictive access to the target 
object as the target object is under valid digital signature process and the external 
object is not under valid digital signature process. 

11. As per claim 9, Scheifler and Colburn teach all the limitation of claim 1 as 
discussed above, wherein both further teach the method further comprising securing a 
channel for each interface of the target object ( Scheifler , col. 9, 1. 52 to col. 1 1 , 1. 19 and 
Colburn , Fig. 8; Fig. 10; col. 1, I. 12 to col. 3, 1. 45; col. 13, I. 44 to col. 14, I. 34), as the 
channel is secured via a cryptographic key over a network between client and server. 

1 2. As per claim 1 0, Scheifler and Colburn teach all the limitation of claim 1 as 
discussed above, wherein both further teach the method comprising wherein 
determining whether the external object has access to the other interfaces of the target 
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object further comprises analyzing access constraints within the target object (Scheifler, 
col. 1 1, I. 20 to col. 13, I. 45 and Colburn , Fig. 7A-7B; Fig. 8; col. 13, I. 44 to col. 14, I. 
34), as the analyzing of the implied permission is located within the target object. 

1 3. As per claim 1 1 , Scheifler and Colburn teach all the limitation of claim 1 as 
discussed above, wherein both further teach the method further comprising analyzing 
interface access data stored within the target object ( Scheifler , col. 1 1 , 1. 20 to col. 1 3, 1. 
45 and Colburn , Fig. 7A-7B; Fig. 8; col. 13, I. 44 to col. 14, I. 34). 

1 4. As per claim 1 2, Scheifler and Colburn teach all the limitation of claim 1 as 
discussed above, wherein both further teach the method further comprising determining 
whether the target object and the external object are in a same protection domain 
( Scheifler , Fig 4; col. 1 1 , I. 20 to col. 1 3, I. 45 and Colburn , Fig. 8). 

1 5. As per claim 1 3, Scheifler and Colburn teach all the limitation of claim 1 2 as 
discussed above, wherein both further teach the method comprising wherein the 
protection domain is a process ( Scheifler , Fig 4 and col. 9, I. 52 to col. 13, I. 45 and 
Colburn , Fig. 8), wherein the process is associated with valid digital signature and un- 
validated digital signature. 



1 6. As per claim 1 4, Scheifler and Colburn teach all the limitation of claim 1 as 
discussed above, wherein Colburn further teaches the method comprising wherein the 
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target object sets the target object's own security policy (Cpjburn, Fig. 8), the target 
object sets the target object's own security policy as the access constraints and access 
authorization resides within the target object. 

1 7. As per claim 1 5, Scheifler and Colburn teach all the limitation of claim 1 as 
discussed above, wherein Scheifler further teaches the method comprising wherein 
determining whether the external object has access to the other interfaces further 
comprises determining capabilities of the external object ( Scheifler , col. 9, I. 52 to col. 
13, I. 45), as the capability corresponds to the capability of transferring data along with 
the know key or without the know key. 

1 8. As per claim 1 6, Scheifler and Colburn teach all the limitation of claim 1 5 as 
discussed above, wherein Colburn further teaches the method comprising further 
comprising mapping capabilities of the external object to the other interfaces of the 
target object ( Scheifler , col. 9, I. 52 to col. 13, 1. 45), such as mapping the capability of 
transferring data with the know key to other interfaces for grater access. 

1 9. As per claim 1 7, Scheifler and Colburn teach all the limitation of claim 1 as 
discussed above, wherein both further teach the method comprising wherein the target 
object and the external object are created using a same methodology (e.g. object 
oriented by Java) ( Scheifler , col. 9, 1. 52 to col. col. 11, I. 19 and Colburn , col. 1, I. 12 to 
col. 3, I. 45). 
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20. As per claim 1 8, Scheifler and Colburn teach all the limitation of claim 1 as 
discussed above, wherein Colburn further teaches the method comprising wherein the 
target object and the external object are views in a view hierarchy ( Colburn , col. 1,1. 12 
to col. 3, I. 45). 

21 . As per claim 1 9, Scheifler and Colburn teach all the limitation of claim 1 8 as 
discussed above, wherein Colburn further teaches the method comprising wherein a 
view has a parent calling interface, a child calling interface, and a child managing 
interface ( Colburn , col. 6, II. 29-52), as the hierarchal relation between parent-child is 
well known with the corresponding above interfaces for the parent and the child. 
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II. CLOSING COMMENTS 

Conclusion 

a. STATUS OF CLAIMS IN THE APPLICATION 

The following is a summary of the treatment and status of all claims in the 
application as recommended by M.P.E.P. 707.07(i): 

a(1) CLAIMS REJECTED IN THE APPLICATION 

Per the instant office action, claims 1 , 4-21 and 31 have received a first action on 
the merits and are subject of a first action non-final. 

b. DIRECTION OF FUTURE CORRESPONDENCES 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Chun-Kuan (Mike) Lee whose telephone number is 
(571) 272-0671 . The examiner can normally be reached on 8AM to 5PM. 

IMPORTANT NOTE 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Alford Kindred can be reached on (571) 272-4037. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 

Patent Application Information Retrieval (PAIR) system. Status information for 

published applications may be obtained from either Private PAIR or Public PAIR. 

Status information for unpublished applications is available through Private PAIR only. 

For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 

you have questions on access to the Private PAIR system, contact the Electronic 

Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 

USPTO Customer Service Representative or access to the automated information 

system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/Chun-Kuan Lee/ 
Primary Examiner 
Art Unit 2181 
January 20, 201 1 



